-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathMakefile
More file actions
435 lines (372 loc) · 19.5 KB
/
Copy pathMakefile
File metadata and controls
435 lines (372 loc) · 19.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
# Copyright (C) 2025-2026 Pablo Ruiz García <pablo.ruiz@gmail.com>
# SPDX-License-Identifier: GPL-3.0-or-later OR AGPL-3.0-or-later
.PHONY: help init venv env-check check status next-id frontmatter check-phase-artifacts tests test-parity itemdb-reset codeql-clean index report
.PHONY: findings findings-create findings-move findings-evidence findings-package
.PHONY: phase-1 phase-2 phase-3 phase-4 phase-5 phase-6 validate-all exploit-all opencode-raw
.PHONY: sandbox-setup sandbox-check sandbox-up sandbox-down sandbox-shell sandbox-logs sandbox-clean sandbox-reset sandbox-build sandbox-test
.PHONY: sandbox-list sandbox-inspect sandbox-detect sandbox-bootstrap sandbox-validate sandbox-regenerate sandbox-status show-model
PYTHON := .venv/bin/python3
export PATH := $(CURDIR)/.venv/bin:$(PATH)
export PROMPT_EXTRA
export PROMPT_EXTRA_FILE
# Pass --thinking to raw opencode run when CODECOME_THINKING=1
OPENCODE_THINKING_FLAG := $(if $(filter 1,$(CODECOME_THINKING)),--thinking,)
# Derive managed CodeQL binary path from the host OS (no inline Python).
UNAME_S := $(shell uname -s 2>/dev/null || printf unknown)
ifeq ($(UNAME_S),Darwin)
CODEQL_PLATFORM := osx64
else ifeq ($(UNAME_S),Linux)
CODEQL_PLATFORM := linux64
else ifneq (,$(findstring MINGW,$(UNAME_S)))
CODEQL_PLATFORM := win64
else ifneq (,$(findstring MSYS,$(UNAME_S)))
CODEQL_PLATFORM := win64
else ifneq (,$(findstring CYGWIN,$(UNAME_S)))
CODEQL_PLATFORM := win64
else
CODEQL_PLATFORM := win64
endif
CODEQL_BIN := $(or $(CODEQL_INSTALL_PATH),.tools/codeql/$(CODEQL_PLATFORM)/current/codeql)
ifndef NO_COLOR
RED := \033[31m
GREEN := \033[32m
YELLOW := \033[33m
CYAN := \033[36m
BOLD := \033[1m
RESET := \033[0m
else
RED :=
GREEN :=
YELLOW :=
CYAN :=
BOLD :=
RESET :=
endif
help:
@printf "\n"
@printf " $(BOLD)$(CYAN)CodeCome commands$(RESET)\n"
@printf " $(BOLD)$(CYAN)=================$(RESET)\n"
@printf "\n"
@printf " $(BOLD)$(CYAN)Workflow phases:$(RESET)\n"
@printf "\n"
@printf " $(BOLD)make init$(RESET) Create/update repo-local virtualenv\n"
@printf " $(BOLD)make phase-1$(RESET) Run reconnaissance\n"
@printf " $(BOLD)make phase-2$(RESET) Run hypothesis generation\n"
@printf " $(BOLD)make phase-3$(RESET) Run counter-analysis\n"
@printf " $(BOLD)make phase-4 FINDING=CC-0001$(RESET) Validate one finding\n"
@printf " $(BOLD)make phase-5 FINDING=CC-0001$(RESET) Develop exploit for one finding\n"
@printf " $(BOLD)make phase-6$(RESET) Generate report\n"
@printf " $(BOLD)make validate-all$(RESET) Validate all PENDING findings\n"
@printf " $(BOLD)make exploit-all$(RESET) Exploit all CONFIRMED findings\n"
@printf "\n"
@printf " $(BOLD)$(CYAN)Deep Sweep (Optional):$(RESET)\n"
@printf "\n"
@printf " $(BOLD)make list-risk-files$(RESET) List top-scoring risky files from index\n"
@printf " $(BOLD)make sweep$(RESET) Run deep sweep on top-scoring files\n"
@printf " $(BOLD)make sweep FILE=\"src/foo.*\"$(RESET) Run deep sweep on specific file(s)\n"
@printf "\n"
@printf " $(BOLD)$(CYAN)Phase controls:$(RESET)\n"
@printf "\n"
@printf " $(BOLD)CODECOME_THINKING=1$(RESET) Show model reasoning/thinking blocks in output\n"
@printf " $(BOLD)CODECOME_MODEL=<id>$(RESET) Pin the model per phase (e.g. anthropic/claude-opus-4-7)\n"
@printf " $(BOLD)CODECOME_MODEL_VARIANT=<v>$(RESET) Pin the model variant (e.g. high, max)\n"
@printf " $(BOLD)PROMPT_EXTRA=\"...\"$(RESET) Append extra instructions to phase prompt\n"
@printf " $(BOLD)PROMPT_EXTRA_FILE=path$(RESET) Append file content to phase prompt\n"
@printf "\n"
@printf " $(BOLD)make show-model$(RESET) Print the model resolution table for an agent\n"
@printf " $(BOLD)make show-model AGENT=auditor$(RESET)\n"
@printf "\n"
@printf " $(BOLD)$(CYAN)Raw debug (non-workflow):$(RESET)\n"
@printf "\n"
@printf " $(BOLD)make opencode-raw$(RESET) Run opencode directly (bypasses harness)\n"
@printf " $(BOLD)AGENT=<name>$(RESET) Required. Agent to run (e.g. auditor)\n"
@printf " $(BOLD)PROMPT_FILE=path$(RESET) Required. Prompt file to send\n"
@printf " $(BOLD)CODECOME_THINKING=1$(RESET) Show reasoning/thinking blocks\n"
@printf "\n"
@printf " $(BOLD)$(CYAN)Workspace tools:$(RESET)\n"
@printf "\n"
@printf " $(BOLD)make check$(RESET) Validate workspace structure and config\n"
@printf " $(BOLD)make status$(RESET) Show current finding status\n"
@printf " $(BOLD)make next-id$(RESET) Show next available finding id\n"
@printf " $(BOLD)make hints$(RESET) Print open questions and re-run hints from phase run summaries\n"
@printf " $(BOLD)make frontmatter$(RESET) Validate finding frontmatter\n"
@printf " $(BOLD)make tests$(RESET) Run dev test suite + frontmatter gate\n"
@printf " $(BOLD)make itemdb-reset$(RESET) Remove local audit artifacts and recreate .gitkeep files\n"
@printf " $(BOLD)make codeql-clean$(RESET) Remove generated CodeQL artifacts and cache\n"
@printf " $(BOLD)make index$(RESET) Regenerate itemdb/index.md\n"
@printf " $(BOLD)make report$(RESET) Regenerate itemdb/reports/report.md (local, no AI)\n"
@printf "\n"
@printf " $(BOLD)$(CYAN)Finding management:$(RESET)\n"
@printf "\n"
@printf " $(BOLD)make findings$(RESET) List all findings\n"
@printf " $(BOLD)make findings STATUS=PENDING$(RESET) List findings by status\n"
@printf " $(BOLD)make findings-create TITLE=\"...\"$(RESET) Create a new finding from template\n"
@printf " $(BOLD)make findings-move FINDING=CC-0001 STATUS=CONFIRMED$(RESET)\n"
@printf " $(BOLD)make findings-evidence FINDING=CC-0001$(RESET)\n"
@printf " $(BOLD)make findings-package FINDING=CC-0001$(RESET) Package all artifacts for a finding into a zip\n"
@printf "\n"
@printf " $(BOLD)$(CYAN)Sandbox runtime:$(RESET)\n"
@printf "\n"
@printf " $(BOLD)make sandbox-setup$(RESET) Set up sandbox env (setup.sh or 'docker compose build')\n"
@printf " $(BOLD)make sandbox-check$(RESET) Run sandbox smoke test\n"
@printf " $(BOLD)make sandbox-up$(RESET) Start sandbox\n"
@printf " $(BOLD)make sandbox-down$(RESET) Stop sandbox\n"
@printf " $(BOLD)make sandbox-shell$(RESET) Open sandbox shell\n"
@printf " $(BOLD)make sandbox-logs$(RESET) Follow sandbox logs\n"
@printf " $(BOLD)make sandbox-clean$(RESET) Stop sandbox and clean tmp\n"
@printf " $(BOLD)make sandbox-reset$(RESET) Recreate sandbox from a known state\n"
@printf " $(BOLD)make sandbox-build$(RESET) Build the target inside the sandbox\n"
@printf " $(BOLD)make sandbox-test$(RESET) Test the target inside the sandbox\n"
@printf "\n"
@printf " $(BOLD)$(CYAN)Sandbox bootstrap:$(RESET)\n"
@printf "\n"
@printf " $(BOLD)make sandbox-list$(RESET) List curated example sandboxes\n"
@printf " $(BOLD)make sandbox-inspect ID=python$(RESET) Inspect one example\n"
@printf " $(BOLD)make sandbox-detect$(RESET) Propose ranked candidates for src/\n"
@printf " $(BOLD)make sandbox-bootstrap ID=python$(RESET) Apply an example to sandbox/\n"
@printf " $(BOLD)make sandbox-validate$(RESET) Run sandbox validation tiers\n"
@printf " $(BOLD)make sandbox-regenerate$(RESET) Re-apply current example with backup\n"
@printf " $(BOLD)make sandbox-status$(RESET) Show sandbox provenance and gate result\n"
@printf "\n"
@printf " $(BOLD)$(CYAN)Sandbox bootstrap controls:$(RESET)\n"
@printf "\n"
@printf " $(BOLD)CODECOME_ALLOW_NO_SANDBOX=1$(RESET) Soft-override Phase 2 sandbox gate\n"
@printf " $(BOLD)CODECOME_BOOTSTRAP_MAX_RETRIES=N$(RESET) Agent remediation budget (default 3)\n"
@printf " $(BOLD)CODECOME_BOOTSTRAP_DRY_RUN=1$(RESET) Force --dry-run on apply/regenerate\n"
@printf "\n"
# ---------------------------------------------------------------------------
# Python environment
# ---------------------------------------------------------------------------
init:
@printf "\n$(BOLD)$(CYAN)==> [1/4] Creating Python virtual environment$(RESET)\n"
@python3 -m venv .venv || { printf "$(BOLD)$(RED)[FAIL]$(RESET) Could not create .venv\n"; exit 1; }
@printf "$(BOLD)$(GREEN)[OK]$(RESET) Virtual environment ready at .venv\n\n"
@printf "$(BOLD)$(CYAN)==> [2/4] Upgrading pip$(RESET)\n"
@$(PYTHON) -m pip install --upgrade pip || { printf "$(BOLD)$(RED)[FAIL]$(RESET) pip upgrade failed\n"; exit 1; }
@printf "$(BOLD)$(GREEN)[OK]$(RESET) pip upgraded\n\n"
@printf "$(BOLD)$(CYAN)==> [3/4] Installing Python requirements$(RESET)\n"
@$(PYTHON) -m pip install --no-input -r requirements.txt || { printf "$(BOLD)$(RED)[FAIL]$(RESET) requirements install failed\n"; exit 1; }
@printf "$(BOLD)$(GREEN)[OK]$(RESET) Python dependencies installed\n\n"
@printf "$(BOLD)$(CYAN)==> [4/4] Installing managed CodeQL CLI$(RESET)\n"
@rm -f .tools/codeql/.disabled
@if [ "$$CODEQL" != "0" ] && [ "$$CODEQL_SKIP_INSTALL" != "1" ]; then \
if $(PYTHON) -c "import yaml,sys; cfg=yaml.safe_load(open('codecome.yml')); sys.exit(0 if cfg.get('codeql',{}).get('enabled',True) else 1)" 2>/dev/null; then \
$(PYTHON) tools/codeql.py install || { printf "$(BOLD)$(RED)[FAIL]$(RESET) managed CodeQL install failed\n"; exit 1; }; \
printf "$(BOLD)$(GREEN)[OK]$(RESET) Managed CodeQL CLI ready\n"; \
else \
mkdir -p .tools/codeql && touch .tools/codeql/.disabled; \
printf "$(BOLD)$(YELLOW)[SKIP]$(RESET) CodeQL disabled in codecome.yml\n"; \
fi; \
else \
mkdir -p .tools/codeql && touch .tools/codeql/.disabled; \
printf "$(BOLD)$(YELLOW)[SKIP]$(RESET) Managed CodeQL install skipped (CODEQL=0 or CODEQL_SKIP_INSTALL=1)\n"; \
fi
@printf "\n$(BOLD)$(GREEN)Setup complete.$(RESET)\n"
venv: init
env-check:
@test -x "$(PYTHON)" || (printf "\n$(BOLD)$(RED)[FAIL]$(RESET) Missing repo virtualenv at .venv\n\nRun:\n\n make init\n\n" && exit 1)
@$(PYTHON) -c "import yaml, rich" >/dev/null 2>&1 || (printf "\n$(BOLD)$(RED)[FAIL]$(RESET) .venv is missing required Python packages\n\nRun:\n\n make init\n\nIf you updated requirements, rerun the same command to resync .venv.\n\n" && exit 1)
@if [ ! -f .tools/codeql/.disabled ]; then \
test -x "$(CODEQL_BIN)" || (printf "\n$(BOLD)$(RED)[FAIL]$(RESET) CodeQL is enabled but the managed binary is missing ($(CODEQL_BIN)).\n\nRun:\n\n make init\n\nOr to explicitly disable CodeQL:\n\n CODEQL=0 make init\n\n" && exit 1); \
fi
# ---------------------------------------------------------------------------
# Workflow phases
# ---------------------------------------------------------------------------
phase-1: env-check
@$(PYTHON) tools/gate-check.py 1
@$(PYTHON) tools/run-agent.py --phase 1 --label "Phase 1: Reconnaissance" --agent recon
phase-2: env-check
@$(PYTHON) tools/gate-check.py 2
@$(PYTHON) tools/sandbox-bootstrap.py status --gate || ( \
printf "\n$(BOLD)$(YELLOW)[BLOCK]$(RESET) Phase 2 sandbox gate failed.\n" ; \
printf "Run: make sandbox-status\n" ; \
printf "Or override (not recommended): CODECOME_ALLOW_NO_SANDBOX=1 make phase-2\n\n" ; \
exit 1 )
@$(PYTHON) tools/run-agent.py --phase 2 --label "Hypothesis Generation" --agent auditor --prompt-file prompts/phase-2-audit.md
phase-3: env-check
@$(PYTHON) tools/gate-check.py 3
@$(PYTHON) tools/run-agent.py --phase 3 --label "Counter-analysis" --agent reviewer --prompt-file prompts/phase-3-review.md
phase-4: env-check
@test -n "$(FINDING)" || (printf "\n$(BOLD)$(RED)[FAIL]$(RESET) Missing required FINDING argument for Phase 4 (Validation).\n\nSpecify which finding you want to validate:\n\n $(BOLD)make phase-4 FINDING=CC-0001$(RESET)\n\nTo list available pending findings: $(BOLD)make findings STATUS=PENDING$(RESET)\n\n" && exit 1)
@$(PYTHON) tools/gate-check.py 4 $(FINDING)
@$(PYTHON) tools/run-agent.py --phase 4 --label "Validation" --agent validator --prompt-file prompts/phase-4-validate.md --finding "$(FINDING)"
phase-5: env-check
@test -n "$(FINDING)" || (printf "\n$(BOLD)$(RED)[FAIL]$(RESET) Missing required FINDING argument for Phase 5 (Exploitation).\n\nSpecify which finding you want to exploit:\n\n $(BOLD)make phase-5 FINDING=CC-0001$(RESET)\n\nTo list available confirmed findings: $(BOLD)make findings STATUS=CONFIRMED$(RESET)\n\n" && exit 1)
@$(PYTHON) tools/gate-check.py 5 $(FINDING)
@$(PYTHON) tools/run-agent.py --phase 5 --label "Exploit Development" --agent exploiter --prompt-file prompts/phase-5-exploit.md --finding "$(FINDING)"
phase-6: env-check
@$(PYTHON) tools/gate-check.py 6
@$(PYTHON) tools/run-agent.py --phase 6 --label "Reporting" --agent reporter --prompt-file prompts/phase-6-report.md
chat: env-check
@$(PYTHON) tools/run-agent.py --chat --label "Interactive Chat" --agent $(or $(AGENT),chat) --prompt-file prompts/chat-initial.md $(if $(DEBUG),--debug,)
list-risk-files: env-check
@$(PYTHON) tools/list-risk-files.py
sweep: env-check
@if [ -n "$(FILE)" ]; then \
$(PYTHON) tools/run-sweep.py --file "$(FILE)"; \
else \
$(PYTHON) tools/run-sweep.py; \
fi
# ---------------------------------------------------------------------------
# Raw opencode debug target (non-workflow)
# ---------------------------------------------------------------------------
opencode-raw:
@test -n "$(AGENT)" || (echo "AGENT is required. Usage: make opencode-raw AGENT=auditor PROMPT_FILE=prompts/foo.md" && exit 1)
@test -r "$(PROMPT_FILE)" || (echo "PROMPT_FILE must be a readable file. Usage: make opencode-raw AGENT=auditor PROMPT_FILE=prompts/foo.md" && exit 1)
@opencode run --agent "$(AGENT)" $(OPENCODE_THINKING_FLAG) "$$(cat "$(PROMPT_FILE)")"
validate-all: env-check
@ids=$$($(PYTHON) tools/list-findings.py --status PENDING --format ids 2>/dev/null); \
if [ -z "$$ids" ]; then \
echo "No PENDING findings to validate."; \
exit 0; \
fi; \
for f in $$ids; do \
echo ""; \
echo "Validating $$f..."; \
echo ""; \
$(MAKE) phase-4 FINDING=$$f; \
done
exploit-all: env-check
@ids=$$($(PYTHON) tools/list-findings.py --status CONFIRMED --eligible-for-exploit --format ids 2>/dev/null); \
if [ -z "$$ids" ]; then \
echo "No eligible CONFIRMED findings to exploit."; \
exit 0; \
fi; \
for f in $$ids; do \
echo ""; \
echo "Developing exploit for $$f..."; \
echo ""; \
$(MAKE) phase-5 FINDING=$$f; \
done
# ---------------------------------------------------------------------------
# Workspace tools
# ---------------------------------------------------------------------------
check: env-check
$(PYTHON) tools/codecome.py check
status: env-check
$(PYTHON) tools/codecome.py status
next-id: env-check
$(PYTHON) tools/codecome.py next-id
frontmatter: env-check
$(PYTHON) tools/check-frontmatter.py
check-phase-artifacts: env-check
$(PYTHON) tools/codecome.py check-phase-artifacts --phase $(or $(PHASE),all)
tests: env-check
$(PYTHON) -m pytest -q tests
$(PYTHON) tools/check-frontmatter.py
$(PYTHON) tools/codecome.py check-phase-artifacts --phase all --allow-missing-generated-artifacts
test-parity: env-check
$(PYTHON) -m pytest tests/test_mock_llm_parity.py -v
itemdb-reset: env-check
rm -f itemdb/notes/*.md
rm -rf itemdb/evidence/CC-*
rm -f itemdb/reports/*.md
rm -f itemdb/findings/PENDING/CC-*.md
rm -f itemdb/findings/CONFIRMED/CC-*.md
rm -f itemdb/findings/EXPLOITED/CC-*.md
rm -f itemdb/findings/REJECTED/CC-*.md
rm -f itemdb/findings/DUPLICATE/CC-*.md
rm -f runs/*.md
rm -rf tmp/*
touch itemdb/notes/.gitkeep
touch itemdb/evidence/.gitkeep
touch itemdb/reports/.gitkeep
touch itemdb/findings/PENDING/.gitkeep
touch itemdb/findings/CONFIRMED/.gitkeep
touch itemdb/findings/EXPLOITED/.gitkeep
touch itemdb/findings/REJECTED/.gitkeep
touch itemdb/findings/DUPLICATE/.gitkeep
touch runs/.gitkeep
touch tmp/.gitkeep
$(PYTHON) tools/render-index.py
codeql-clean:
rm -rf itemdb/codeql
rm -rf .cache/codeql
rm -rf src/_codeql_detected_source_root
index: env-check
$(PYTHON) tools/render-index.py
hints: env-check
$(PYTHON) tools/codecome.py hints
report: env-check
$(PYTHON) tools/render-report.py
findings: env-check
ifdef STATUS
$(PYTHON) tools/list-findings.py --status $(STATUS)
else
$(PYTHON) tools/list-findings.py
endif
findings-create: env-check
@test -n "$(strip $(TITLE))" || (printf "TITLE is required. Usage: make findings-create TITLE=\"Short descriptive title\" [ARGS='...']\n" && exit 2)
$(PYTHON) tools/create-finding.py "$(TITLE)" $(ARGS)
findings-move: env-check
$(PYTHON) tools/move-finding.py $(FINDING) $(STATUS)
findings-evidence: env-check
$(PYTHON) tools/create-evidence.py $(FINDING)
findings-package:
@test -n "$(FINDING)" || (printf "\n$(BOLD)$(RED)[FAIL]$(RESET) Missing FINDING argument for packaging.\n\n make findings-package FINDING=CC-0001\n\n" && exit 1)
@$(PYTHON) tools/package-finding.py "$(FINDING)"
# ---------------------------------------------------------------------------
# Sandbox
# ---------------------------------------------------------------------------
SANDBOX_SCRIPT_HINT := "No sandbox helper script found. Run 'make phase-1' (sub-stage 1b) to bootstrap sandbox/ from templates/sandboxes/, or place the helper script under sandbox/scripts/ manually."
sandbox-setup:
@if [ -x sandbox/scripts/setup.sh ]; then \
./sandbox/scripts/setup.sh; \
elif [ -f sandbox/docker-compose.yml ]; then \
docker compose -f sandbox/docker-compose.yml build; \
else \
echo $(SANDBOX_SCRIPT_HINT); \
exit 1; \
fi
sandbox-check:
@test -x sandbox/scripts/check.sh || (echo $(SANDBOX_SCRIPT_HINT) && exit 1)
./sandbox/scripts/check.sh
sandbox-up:
@test -x sandbox/scripts/up.sh || (echo $(SANDBOX_SCRIPT_HINT) && exit 1)
./sandbox/scripts/up.sh
sandbox-down:
@test -x sandbox/scripts/down.sh || (echo $(SANDBOX_SCRIPT_HINT) && exit 1)
./sandbox/scripts/down.sh
sandbox-shell:
@test -x sandbox/scripts/shell.sh || (echo $(SANDBOX_SCRIPT_HINT) && exit 1)
./sandbox/scripts/shell.sh
sandbox-logs:
@test -x sandbox/scripts/logs.sh || (echo $(SANDBOX_SCRIPT_HINT) && exit 1)
./sandbox/scripts/logs.sh
sandbox-clean:
@test -x sandbox/scripts/clean.sh || (echo $(SANDBOX_SCRIPT_HINT) && exit 1)
./sandbox/scripts/clean.sh
sandbox-reset:
@test -x sandbox/scripts/reset.sh || (echo $(SANDBOX_SCRIPT_HINT) && exit 1)
./sandbox/scripts/reset.sh
sandbox-build:
@test -x sandbox/scripts/build.sh || (echo $(SANDBOX_SCRIPT_HINT) && exit 1)
./sandbox/scripts/build.sh
sandbox-test:
@test -x sandbox/scripts/test.sh || (echo $(SANDBOX_SCRIPT_HINT) && exit 1)
./sandbox/scripts/test.sh
# ---------------------------------------------------------------------------
# Sandbox bootstrap (Phase 1b)
# ---------------------------------------------------------------------------
sandbox-list: env-check
@$(PYTHON) tools/sandbox-bootstrap.py list
sandbox-inspect: env-check
@test -n "$(ID)" || (echo "Usage: make sandbox-inspect ID=<example-id>" && exit 1)
@$(PYTHON) tools/sandbox-bootstrap.py inspect $(ID)
sandbox-detect: env-check
@$(PYTHON) tools/sandbox-bootstrap.py detect
sandbox-bootstrap: env-check
@test -n "$(ID)" || (echo "Usage: make sandbox-bootstrap ID=<example-id>" && exit 1)
@$(PYTHON) tools/sandbox-bootstrap.py apply $(ID) $(BOOTSTRAP_ARGS)
sandbox-validate: env-check
@$(PYTHON) tools/sandbox-bootstrap.py validate $(BOOTSTRAP_ARGS)
sandbox-regenerate: env-check
@$(PYTHON) tools/sandbox-bootstrap.py regenerate $(BOOTSTRAP_ARGS)
sandbox-status: env-check
@$(PYTHON) tools/sandbox-bootstrap.py status
# Print the model that would be picked for a given AGENT (default: recon).
# Usage:
# make show-model
# make show-model AGENT=auditor
show-model: env-check
@$(PYTHON) tools/run-agent.py --show-model --agent $(or $(AGENT),recon)